NoName057(16) is still conducting DDoS attacks on the websites of institutions and companies in European countries. The new Go variant of bots implemented an authentication mechanism to communicate with C2 servers and their proxies. Moreover, the mechanism also provides IP address blocklisting...
Zero-day attacks discovered in the wild, Arkei Stealer and LimeRAT boosting their presence, and continuation of pro-Russian DDoS attacks
Avast discovered that an exploit for CVE-2021-38003 was used in the wild to attack Dota 2 players. This exploit achieved remote code execution on other players' machines by taking advantage of Dota's usage of an outdated V8 version. In response to Avast's findings, Valve patched the vulnerability on...
The team at Avast has developed a decryptor for the BianLian ransomware and released it for public download. The BianLian ransomware emerged in August 2022, performing targeted attacks in various industries, such as the media and entertainment, manufacturing and healthcare sectors, and raised the...
Volunteers join a DDoS botnet called DDosia to carry out attacks in order to earn up to 80,000 rubles in cryptocurrency by providing their network bandwidth.
Since October 2022, we’ve been observing multiple malware types delivered via a new dropper strain that we are referring to as “NeedleDropper”. Its name references one of the ways the dropper stores data. NeedleDropper is not just a single executable; it carries several files which together create...
In this paper we will detail a novel way to gain script access to any compiled Visual Basic 6 executable.
This task is accomplished by instrumentation of the runtime and utilizing innate design features of the language.